Notselwyn / CVE-2024-1086

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
https://pwning.tech/nftables
MIT License

Doesn't work on 5.4.0-164-generic #181-Ubuntu #16

Closed (CodeXTF2 closed this issue 5 months ago)

CodeXTF2 commented 5 months ago

kernel version: 5.4.0-164-generic #181-Ubuntu

(remote) ahope@nix01:/home/ahope$ ./exploit.1
[*] creating user namespace (CLONE_NEWUSER)...
[*] creating network namespace (CLONE_NEWNET)...
[*] setting up UID namespace...
[*] configuring localhost in namespace...
[*] setting up nftables...
[+] running normal privesc
[*] waiting for the calm before the storm...
[*] sending double free buffer packet...
[*] spraying 16000 pte's...

[04:50:42] connection reset
<box was down>
Notselwyn commented 5 months ago

Hi, the exploit does not work on v5.4 kernels (the vuln exists, though). Please check the affected versions table in the blogpost: https://pwning.tech/nftables/#02-affected-kernel-versions
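A pre-flight check for the version mismatch hit in this issue, added here as an example and not code from the Notselwyn/CVE-2024-1086 repository: it parses a kernel release string of the kind uname -r prints (the reporter's 5.4.0-164-generic, for instance) and reports whether its major.minor lies inside the v5.14 to v6.6 range the README advertises, so the PoC is not launched blind on a kernel it cannot handle and the box is not knocked over for nothing. The range endpoints come from the README; the function names (kver_major_minor, poc_supported, classify_kernel, preflight) and the --check flag are assumptions of this example. A kernel outside the range is reported as unsupported by the PoC, not as unaffected, since the reply above notes the vulnerability itself is present on 5.4.

```shell
#!/bin/sh
# Added example, not code from the CVE-2024-1086 repository.
# Decides whether a kernel release string falls inside the major.minor range
# the PoC README advertises (v5.14 through v6.6). Outside that range the PoC
# is not expected to work; it says nothing about whether the kernel is
# vulnerable. Function names and the --check flag are assumptions.

POC_MIN_MAJOR=5; POC_MIN_MINOR=14   # lower bound from the README
POC_MAX_MAJOR=6; POC_MAX_MINOR=6    # upper bound from the README

# Emit "MAJOR MINOR" for strings like 5.4.0-164-generic or 6.1.0-18-amd64.
# Input that does not start with digits.digits is passed through unchanged,
# which the caller detects as "not exactly two fields".
kver_major_minor() {
    printf '%s\n' "$1" | sed -E 's/^([0-9]+)\.([0-9]+).*$/\1 \2/'
}

# Return 0 if the release is inside [5.14, 6.6], 1 if outside, 2 if unparsable.
poc_supported() {
    set -- $(kver_major_minor "$1")
    [ "$#" -eq 2 ] || return 2
    # Fold major.minor into one integer so a single range comparison suffices.
    v=$(( $1 * 1000 + $2 ))
    lo=$(( POC_MIN_MAJOR * 1000 + POC_MIN_MINOR ))
    hi=$(( POC_MAX_MAJOR * 1000 + POC_MAX_MINOR ))
    if [ "$v" -ge "$lo" ] && [ "$v" -le "$hi" ]; then
        return 0
    else
        return 1
    fi
}

# Always returns 0 and prints one of: supported / unsupported / unparsable.
classify_kernel() {
    rc=0
    poc_supported "$1" || rc=$?
    case $rc in
        0) echo supported ;;
        2) echo unparsable ;;
        *) echo unsupported ;;
    esac
    return 0
}

# Refuse to launch the exploit when the running kernel is outside the range.
# Inside the range, the blogpost's affected-versions table is still the
# authority for individual distro builds, since backports are not visible
# in major.minor.
preflight() {
    rel=$(uname -r)
    case $(classify_kernel "$rel") in
        supported)
            echo "$rel: inside v5.14-v6.6; check the blogpost table for your distro build" ;;
        unsupported)
            echo "$rel: outside v5.14-v6.6, PoC not expected to work (kernel may still be vulnerable)"
            return 1 ;;
        unparsable)
            echo "$rel: could not parse a major.minor version"
            return 2 ;;
    esac
}

# Run the check only when invoked as: sh check.sh --check
case "${1:-}" in
    --check) preflight; exit $? ;;
esac
```

Run it with --check on the target before the exploit binary; a nonzero exit means the PoC is outside its documented range. The check only rules out the obvious mismatch reported in this issue (a 5.4 kernel); a 5.15 or 6.1 distro kernel can still carry a backported fix, which only the affected-versions table in the blogpost resolves.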